Professional Documents
Culture Documents
Core Network Components - Microsoft Docs
Core Network Components - Microsoft Docs
Applies to: Windows Server 2022, Windows Server 2019, Windows Server 2016
This guide provides instructions on how to plan and deploy the core components required
for a fully functioning network and a new Active Directory domain in a new forest.
7 Note
This guide is available for download in Microsoft Word format from TechNet Gallery.
For more information, see Core Network Guide for Windows Server 2016 .
https://docs.microsoft.com/en-us/windows-server/networking/core-network-guide/core-network-guide 1/63
9/11/22, 11:40 PM Core network components | Microsoft Docs
A core network is a collection of network hardware, devices, and software that provides the
fundamental services for your organization's information technology (IT) needs.
A Windows Server core network provides you with many benefits, including the following.
Core protocols for network connectivity between computers and other Transmission
Control Protocol/Internet Protocol (TCP/IP) compatible devices. TCP/IP is a suite of
standard protocols for connecting computers and building networks. TCP/IP is
network protocol software provided with Microsoft Windows operating systems that
implements and supports the TCP/IP protocol suite.
Domain Name System (DNS) name resolution service. DNS allows users, computers,
applications, and services to find the IP addresses of computers and devices on the
network by using the Fully Qualified Domain Name of the computer or device.
A forest, which is one or more Active Directory domains that share the same class and
attribute definitions (schema), site and replication information (configuration), and
forest-wide search capabilities (global catalog).
A forest root domain, which is the first domain created in a new forest. The Enterprise
Admins and Schema Admins groups, which are forest-wide administrative groups, are
located in the forest root domain. In addition, a forest root domain, as with other
domains, is a collection of computer, user, and group objects that are defined by the
administrator in Active Directory Domain Services (AD DS). These objects share a
common directory database and security policies. They can also share security
relationships with other domains if you add domains as your organization grows. The
directory service also stores directory data and allows authorized computers,
applications, and users to access the data.
A user and computer account database. The directory service provides a centralized
user accounts database that allows you to create user and computer accounts for
people and computers that are authorized to connect to your network and access
network resources, such as applications, databases, shared files and folders, and
printers.
https://docs.microsoft.com/en-us/windows-server/networking/core-network-guide/core-network-guide 2/63
9/11/22, 11:40 PM Core network components | Microsoft Docs
A core network also allows you to scale your network as your organization grows and IT
requirements change. For example, with a core network you can add domains, IP subnets,
remote access services, wireless services, and other features and server roles provided by
Windows Server 2016.
Computers that meet the minimum hardware requirements for their respective client
and server operating systems.
Remote access
Wireless access
Client computer deployment
7 Note
https://docs.microsoft.com/en-us/windows-server/networking/core-network-guide/core-network-guide 3/63
9/11/22, 11:40 PM Core network components | Microsoft Docs
Technology Overviews
The following sections provide brief overviews of the required technologies that are
deployed to create a core network.
DNS
DNS is a name resolution protocol for TCP/IP networks, such as the Internet or an
organization network. A DNS server hosts the information that enables client computers
and services to resolve easily recognized, alphanumeric DNS names to the IP addresses
that computers use to communicate with each other.
DHCP
DHCP is an IP standard for simplifying the management of host IP configuration. The DHCP
standard provides for the use of DHCP servers as a way to manage dynamic allocation of IP
addresses and other related configuration details for DHCP-enabled clients on your
network.
DHCP allows you to use a DHCP server to dynamically assign an IP address to a computer
or other device, such as a printer, on your local network. Every computer on a TCP/IP
network must have a unique IP address, because the IP address and its related subnet
mask identify both the host computer and the subnet to which the computer is attached.
By using DHCP, you can ensure that all computers that are configured as DHCP clients
receive an IP address that is appropriate for their network location and subnet, and by
using DHCP options, such as default gateway and DNS servers, you can automatically
provide DHCP clients with the information that they need to function correctly on your
network.
https://docs.microsoft.com/en-us/windows-server/networking/core-network-guide/core-network-guide 4/63
9/11/22, 11:40 PM Core network components | Microsoft Docs
For TCP/IP-based networks, DHCP reduces the complexity and amount of administrative
work involved in reconfiguring computers.
TCP/IP
TCP/IP in Windows Server 2016 is the following:
A foundation for gaining access to global Internet services, such as the World Wide
Web and File Transfer Protocol (FTP) servers.
Windows 10
Windows 7
Windows Server 2008
Windows Vista
https://docs.microsoft.com/en-us/windows-server/networking/core-network-guide/core-network-guide 5/63
9/11/22, 11:40 PM Core network components | Microsoft Docs
Internet hosts
Network-ready printers
Tablets and cellular telephones with wired Ethernet or wireless 802.11 technology
enabled
7 Note
This guide also includes instructions for adding optional Network Policy Server (NPS)
and Web Server (IIS) servers to your network topology to provide the foundation for
secure network access solutions, such as 802.1X wired and wireless deployments that
https://docs.microsoft.com/en-us/windows-server/networking/core-network-guide/core-network-guide 6/63
9/11/22, 11:40 PM Core network components | Microsoft Docs
you can implement using Core Network Companion guides. For more information, see
Deploying optional features for network access authentication and Web services.
Router
This deployment guide provides instructions for deploying a core network with two
subnets separated by a router that has DHCP forwarding enabled. You can, however,
deploy a Layer 2 switch, a Layer 3 switch, or a hub, depending on your requirements and
resources. If you deploy a switch, the switch must be capable of DHCP forwarding or you
must place a DHCP server on each subnet. If you deploy a hub, you are deploying a single
subnet and do not need DHCP forwarding or a second scope on your DHCP server.
Client computers
https://docs.microsoft.com/en-us/windows-server/networking/core-network-guide/core-network-guide 7/63
9/11/22, 11:40 PM Core network components | Microsoft Docs
Computers running Windows client operating systems are configured by default as DHCP
clients, which obtain IP addresses and DHCP options automatically from the DHCP server.
Planning subnets
Planning basic configuration of all servers
7 Note
For assistance with planning your deployment, also see Appendix E - Core Network
Planning Preparation Sheet.
Planning subnets
In Transmission Control Protocol/Internet Protocol (TCP/IP) networking, routers are used to
interconnect the hardware and software used on different physical network segments
called subnets. Routers are also used to forward IP packets between each of the subnets.
Determine the physical layout of your network, including the number of routers and
subnets you need, before proceeding with the instructions in this guide.
In addition, to configure the servers on your network with static IP addresses, you must
determine the IP address range that you want to use for the subnet where your core
network servers are located. In this guide, the private IP address ranges 10.0.0.1 -
10.0.0.254 and 10.0.1.1 - 10.0.1.254 are used as examples, but you can use any private IP
address range that you prefer.
) Important
https://docs.microsoft.com/en-us/windows-server/networking/core-network-guide/core-network-guide 8/63
9/11/22, 11:40 PM Core network components | Microsoft Docs
After you select the IP address ranges that you want to use for each subnet, ensure
that you configure your routers with an IP address from the same IP address range as
that used on the subnet where the router is installed. For example, if your router is
configured by default with an IP address of 192.168.1.1, but you are installing the
router on a subnet with an IP address range of 10.0.0.0/24, you must reconfigure the
router to use an IP address from the 10.0.0.0/24 IP address range.
The following recognized private IP address ranges are specified by Internet Request for
Comments (RFC) 1918:
10.0.0.0 - 10.255.255.255
172.16.0.0 - 172.31.255.255
192.168.0.0 - 192.168.255.255
When you use the private IP address ranges as specified in RFC 1918, you cannot connect
directly to the Internet using a private IP address because requests going to or from these
addresses are automatically discarded by Internet service provider (ISP) routers. To add
Internet connectivity to your core network later, you must contract with an ISP to obtain a
public IP address.
) Important
When using private IP addresses, you must use some type of proxy or network
address translation (NAT) server to convert the private IP address ranges on your local
network to a public IP address that can be routed on the Internet. Most routers
provide NAT services, so selecting a router that is NAT-capable should be fairly simple.
https://docs.microsoft.com/en-us/windows-server/networking/core-network-guide/core-network-guide 9/63
9/11/22, 11:40 PM Core network components | Microsoft Docs
For consistency across your network, it is a good idea to use consistent names for servers,
printers, and other devices. Computer names can be used to help users and administrators
easily identify the purpose and location of the server, printer, or other device. For example,
if you have three DNS servers, one in San Francisco, one in Los Angeles, and one in
Chicago, you might use the naming convention server function-location-number:
DNS-DEN-01. This name represents the DNS server in Denver, Colorado. If additional
DNS servers are added in Denver, the numeric value in the name can be incremented,
as in DNS-DEN-02 and DNS-DEN-03.
DNS-SPAS-01. This name represents the DNS server in South Pasadena, California.
DNS-ORL-01. This name represents the DNS server in Orlando, Florida.
For this guide, the server naming convention is very simple, and consists of the primary
server function and a number. For example, the domain controller is named DC1 and the
DHCP server is named DHCP1.
It is recommended that you choose a naming convention before you install your core
network using this guide.
The following table provides example values for static IP address configuration.
IP address 10.0.0.2
7 Note
https://docs.microsoft.com/en-us/windows-server/networking/core-network-guide/core-network-guide 10/63
9/11/22, 11:40 PM Core network components | Microsoft Docs
If you plan on deploying more than one DNS server, you can also plan the Alternate
DNS Server IP address.
Forest functionality enables features across all the domains in your forest. The following
forest functional levels are available:
Windows Server 2008 . This forest functional level supports only domain controllers
that are running Windows Server 2008 and later versions of the Windows Server
https://docs.microsoft.com/en-us/windows-server/networking/core-network-guide/core-network-guide 11/63
9/11/22, 11:40 PM Core network components | Microsoft Docs
operating system.
Windows Server 2008 R2 . This forest functional level supports Windows Server 2008
R2 domain controllers and domain controllers that are running later versions of the
Windows Server operating system.
Windows Server 2012 . This forest functional level supports Windows Server 2012
domain controllers and domain controllers that are running later versions of the
Windows Server operating system.
Windows Server 2012 R2 . This forest functional level supports Windows Server 2012
R2 domain controllers and domain controllers that are running later versions of the
Windows Server operating system.
Windows Server 2016. This forest functional level supports only Windows Server 2016
domain controllers and domain controllers that are running later versions of the
Windows Server operating system.
If you are deploying a new domain in a new forest and all of your domain controllers will
be running Windows Server 2016, it is recommended that you configure AD DS with the
Windows Server 2016 forest functional level during AD DS installation.
) Important
After the forest functional level is raised, domain controllers that are running earlier
operating systems cannot be introduced into the forest. For example, if you raise the
forest functional level to Windows Server 2016, domain controllers running Windows
Server 2012 R2 or Windows Server 2008 cannot be added to the forest.
https://docs.microsoft.com/en-us/windows-server/networking/core-network-guide/core-network-guide 12/63
9/11/22, 11:40 PM Core network components | Microsoft Docs
When you create a reverse lookup zone, the in-addr.arpa domain, which is defined in the
DNS standards and reserved in the Internet DNS namespace to provide a practical and
reliable way to perform reverse queries, is configured in DNS. To create the reverse
namespace, subdomains within the in-addr.arpa domain are formed, using the reverse
ordering of the numbers in the dotted-decimal notation of IP addresses.
The in-addr.arpa domain applies to all TCP/IP networks that are based on Internet Protocol
version 4 (IPv4) addressing. The New Zone Wizard automatically assumes that you are
using this domain when you create a new reverse lookup zone.
While you are running the New Zone Wizard, the following selections are recommended:
https://docs.microsoft.com/en-us/windows-server/networking/core-network-guide/core-network-guide 13/63
9/11/22, 11:40 PM Core network components | Microsoft Docs
Zone type Primary zone, and Store the zone in Active Directory is
selected
Active Directory Zone Replication Scope To all DNS servers in this domain
First Reverse Lookup Zone Name wizard IPv4 Reverse Lookup Zone
page
7 Note
Individual computers that are running Windows have a local users and groups user
account database that is called the Security Accounts Manager (SAM) user accounts
database. When you create a user account on the local computer in the SAM
database, you can log onto the local computer, but you cannot log on to a domain.
Domain user accounts are created with the Active Directory Users and Computers
Microsoft Management Console (MMC) on a domain controller, not with local users
and groups on the local computer.
After the first successful logon with domain logon credentials, the logon settings persist
unless the computer is removed from the domain or the logon settings are manually
changed.
Before you log on to the domain:
Create user accounts in Active Directory Users and Computers. Each user must have
an Active Directory Domain Services user account in Active Directory Users and
Computers. For more information, see Create a User Account in Active Directory Users
and Computers.
https://docs.microsoft.com/en-us/windows-server/networking/core-network-guide/core-network-guide 14/63
9/11/22, 11:40 PM Core network components | Microsoft Docs
Ensure the correct IP address configuration. To join a computer to the domain, the
computer must have an IP address. In this guide, servers are configured with static IP
addresses and client computers receive IP address leases from the DHCP server. For
this reason, the DHCP server must be deployed before you join clients to the domain.
For more information, see Deploying DHCP1.
Join the computer to the domain. Any computer that provides or accesses network
resources must be joined to the domain. For more information, see Joining Server
Computers to the Domain and Logging On and Joining Client Computers to the
Domain and Logging On.
https://docs.microsoft.com/en-us/windows-server/networking/core-network-guide/core-network-guide 15/63
9/11/22, 11:40 PM Core network components | Microsoft Docs
A range of IP addresses from which to include or exclude addresses used for DHCP
service lease offerings.
A subnet mask, which determines the subnet prefix for a given IP address.
Any DHCP scope options configured for assignment to DHCP clients, such as DNS
server IP address and router/default gateway IP address.
Reservations are optionally used to ensure that a DHCP client always receives the
same IP address.
Before deploying your servers, list your subnets and the IP address range you want to use
for each subnet.
For example, the subnet mask normally used with the IP address 131.107.16.200 is the
following 32-bit binary number:
This subnet mask number is 16 one-bits followed by 16 zero-bits, indicating that the
network ID and host ID sections of this IP address are both 16 bits in length. Normally, this
subnet mask is displayed in dotted decimal notation as 255.255.0.0.
The following table displays subnet masks for the Internet address classes.
https://docs.microsoft.com/en-us/windows-server/networking/core-network-guide/core-network-guide 16/63
9/11/22, 11:40 PM Core network components | Microsoft Docs
When you create a scope in DHCP and you enter the IP address range for the scope, DHCP
provides these default subnet mask values. Typically, default subnet mask values are
acceptable for most networks with no special requirements and where each IP network
segment corresponds to a single physical network.
In some cases, you can use customized subnet masks to implement IP subnetting. With IP
subnetting, you can subdivide the default host ID portion of an IP address to specify
subnets, which are subdivisions of the original class-based network ID.
By customizing the subnet mask length, you can reduce the number of bits that are used
for the actual host ID.
To prevent addressing and routing problems, you should make sure that all TCP/IP
computers on a network segment use the same subnet mask and that each computer or
device has an unique IP address.
To solve this problem, you can create an exclusion range for the DHCP scope. An exclusion
range is a contiguous range of IP addresses within the scope's IP address range that the
DHCP server is not allowed to use. If you create an exclusion range, the DHCP server does
not assign the addresses in that range, allowing you to manually assign these addresses
without creating an IP address conflict.
You can exclude IP addresses from distribution by the DHCP server by creating an exclusion
range for each scope. You should use exclusions for all devices that are configured with a
static IP address. The excluded addresses should include all IP addresses that you assigned
https://docs.microsoft.com/en-us/windows-server/networking/core-network-guide/core-network-guide 17/63
9/11/22, 11:40 PM Core network components | Microsoft Docs
manually to other servers, non-DHCP clients, diskless workstations, or Routing and Remote
Access and PPP clients.
It is recommended that you configure your exclusion range with extra addresses to
accommodate future network growth. The following table provides an example exclusion
range for a scope with an IP address range of 10.0.0.1 - 10.0.0.254 and a subnet mask of
255.255.255.0.
For example, if the IP address range for a subnet is 192.168.0.1 through 192.168.0.254 and
you have ten devices that you want to configure with a static IP address, you can create an
exclusion range for the 192.168.0.x scope that includes ten or more IP addresses:
192.168.0.1 through 192.168.0.15.
In this example, you use ten of the excluded IP addresses to configure servers and other
devices with static IP addresses and five additional IP addresses are left available for static
configuration of new devices that you might want to add in the future. With this exclusion
range, the DHCP server is left with an address pool of 192.168.0.16 through 192.168.0.254.
Additional example configuration items for AD DS and DNS are provided in the following
table.
2. Deploying DC1
7 Note
https://docs.microsoft.com/en-us/windows-server/networking/core-network-guide/core-network-guide 19/63
9/11/22, 11:40 PM Core network components | Microsoft Docs
The procedures in this guide do not include instructions for those cases in which
the User Account Control dialog box opens to request your permission to
continue. If this dialog box opens while you are performing the procedures in
this guide, and if the dialog box was opened in response to your actions, click
Continue.
You can use the following sections to perform these actions for each server.
Membership in Administrators, or equivalent, is the minimum required to perform these
procedures.
7 Note
To perform this procedure by using Windows PowerShell, open PowerShell and type
the following cmdlets on separate lines, and then press ENTER. You must also replace
ComputerName with the name that you want to use.
Rename-Computer ComputerName
Restart-Computer
1. In Server Manager, click Local Server. The computer Properties are displayed in the
details pane.
2. In Properties, in Computer name, click the existing computer name. The System
Properties dialog box opens. Click Change. The Computer Name/Domain Changes
dialog box opens.
3. In the Computer Name/Domain Changes dialog box, in Computer name, type a new
name for your computer. For example, if you want to name the computer DC1, type
DC1.
4. Click OK twice, and then click Close. If you want to restart the computer immediately
to complete the name change, click Restart Now. Otherwise, click Restart Later.
7 Note
For information on how to rename computers that are running other Microsoft
operating systems, see Appendix A - Renaming computers.
7 Note
To perform this procedure by using Windows PowerShell, open PowerShell and type
the following cmdlets on separate lines, and then press ENTER. You must also replace
interface names and IP addresses in this example with the values that you want to use
to configure your computer.
New-NetIPAddress -IPAddress 10.0.0.2 -InterfaceAlias "Ethernet" -
127.0.0.1
https://docs.microsoft.com/en-us/windows-server/networking/core-network-guide/core-network-guide 21/63
9/11/22, 11:40 PM Core network components | Microsoft Docs
4. In the network connection Properties dialog box, in This connection uses the
following items, select Internet Protocol Version 4 (TCP/IPv4), and then click
Properties. The Internet Protocol Version 4 (TCP/IPv4) Properties dialog box opens.
5. In Internet Protocol Version 4 (TCP/IPv4) Properties, on the General tab, click Use
the following IP address. In IP address, type the IP address that you want to use.
6. Press tab to place the cursor in Subnet mask. A default value for subnet mask is
entered automatically. Either accept the default subnet mask, or type the subnet mask
that you want to use.
7. In Default gateway, type the IP address of your default gateway.
7 Note
You must configure Default gateway with the same IP address that you use on
the local area network (LAN) interface of your router. For example, if you have a
router that is connected to a wide area network (WAN) such as the Internet as
well as to your LAN, configure the LAN interface with the same IP address that
you will then specify as the Default gateway. In another example, if you have a
router that is connected to two LANs, where LAN A uses the address range
10.0.0.0/24 and LAN B uses the address range 192.168.0.0/24, configure the LAN
A router IP address with an address from that address range, such as 10.0.0.1. In
addition, in the DHCP scope for this address range, configure Default gateway
with the IP address 10.0.0.1. For the LAN B, configure the LAN B router interface
with an address from that address range, such as 192.168.0.1, and then configure
the LAN B scope 192.168.0.0/24 with a Default gateway value of 192.168.0.1.
https://docs.microsoft.com/en-us/windows-server/networking/core-network-guide/core-network-guide 22/63
9/11/22, 11:40 PM Core network components | Microsoft Docs
8. In Preferred DNS server, type the IP address of your DNS server. If you plan to use
the local computer as the preferred DNS server, type the IP address of the local
computer.
9. In Alternate DNS Server, type the IP address of your alternate DNS server, if any. If
you plan to use the local computer as an alternate DNS server, type the IP address of
the local computer.
7 Note
For information on how to configure a static IP address on computers that are running
other Microsoft operating systems, see Appendix B - Configuring static IP addresses.
Deploying DC1
To deploy DC1, which is the computer running Active Directory Domain Services (AD DS)
and DNS, you must complete these steps in the following order:
Administrative privileges
If you are installing a small network and are the only administrator for the network, it is
recommended that you create a user account for yourself, and then add your user account
as a member of both Enterprise Admins and Domain Admins. Doing so will make it easier
for you to act as the administrator for all network resources. It is also recommended that
you log on with this account only when you need to perform administrative tasks, and that
you create a separate user account for performing non-IT related tasks.
Differences between domain user accounts and user accounts on the local computer
One of the advantages of a domain-based infrastructure is that you do not need to create
user accounts on each computer in the domain. This is true whether the computer is a
client computer or a server.
Because of this, you should not create user accounts on each computer in the domain.
Create all user accounts in Active Directory Users and Computers and use the preceding
procedures to assign group membership. By default, all user accounts are members of the
Domain Users group.
All members of the Domain Users group can log on to any client computer after it is joined
to the domain.
You can configure user accounts to designate the days and times that the user is allowed
to log on to the computer. You can also designate which computers each user is allowed to
use. To configure these settings, open Active Directory Users and Computers, locate the
user account that you want to configure, and double-click the account. In the user account
Properties, click the Account tab, and then click either Logon Hours or Log On To.
The first procedure provides instructions on performing these actions by using Windows
PowerShell, while the second procedure shows you how to install AD DS and DNS by using
Server Manager.
) Important
After you finish performing the steps in this procedure, the computer is automatically
restarted.
You can use the following commands to install and configure AD DS and DNS. You must
replace the domain name in this example with the value that you want to use for your
domain.
https://docs.microsoft.com/en-us/windows-server/networking/core-network-guide/core-network-guide 24/63
9/11/22, 11:40 PM Core network components | Microsoft Docs
7 Note
For more information about these Windows PowerShell commands, see the following
reference topics.
Install-WindowsFeature
Install-ADDSForest
Run Windows PowerShell as an Administrator, type the following command, and then
press ENTER:
PowerShell
PowerShell
During the installation and configuration process, which is visible at the top of the
Windows PowerShell window, the following prompt appears. After it appears, type a
password and then press ENTER.
SafeModeAdministratorPassword:
After you type a password and press ENTER, the following confirmation prompt
appears. Type the same password and then press ENTER.
Confirm SafeModeAdministratorPassword:
https://docs.microsoft.com/en-us/windows-server/networking/core-network-guide/core-network-guide 25/63
9/11/22, 11:40 PM Core network components | Microsoft Docs
When the following prompt appears, type the letter Y and then press ENTER.
If you want to, you can read the warning messages that are displayed during normal,
successful installation of AD DS and DNS. These messages are normal and are not an
indication of install failure.
After installation succeeds, a message appears stating that you are about to be
logged off of the computer so that the computer can restart. If you click Close, you
are immediately logged off the computer, and the computer restarts. If you do not
click Close, the computer restarts after a default period of time.
After the server is restarted, you can verify successful installation of Active Directory
Domain Services and DNS. Open Windows PowerShell, type the following command,
and press ENTER.
PowerShell
Get-WindowsFeature
The results of this command are displayed in Windows PowerShell, and should be similar to
the results in the image below. For installed technologies, the brackets to the left of the
technology name contain the character X, and the value of Install State is Installed.
https://docs.microsoft.com/en-us/windows-server/networking/core-network-guide/core-network-guide 26/63
9/11/22, 11:40 PM Core network components | Microsoft Docs
7 Note
The Before You Begin page of the Add Roles and Features Wizard is not
displayed if you have previously selected Skip this page by default when the
Add Roles and Features Wizard was run.
4. In Select destination server, ensure that Select a server from the server pool is
selected. In Server Pool, ensure that the local computer is selected. Click Next.
5. In Select server roles, in Roles, click Active Directory Domain Services. In Add
features that are required for Active Directory Domain Services, click Add Features.
Click Next.
6. In Select features, click Next, and in Active Directory Domain Services, review the
information that is provided, and then click Next.
7. In Confirm installation selections, click Install. The Installation progress page displays
status during the installation process. When the process completes, in the message
https://docs.microsoft.com/en-us/windows-server/networking/core-network-guide/core-network-guide 27/63
9/11/22, 11:40 PM Core network components | Microsoft Docs
details, click Promote this server to a domain controller. The Active Directory
Domain Services Configuration Wizard opens.
8. In Deployment Configuration, select Add a new forest. In Root domain name, type
the fully qualified domain name (FQDN) for your domain. For example, if your FQDN
is corp.contoso.com, type corp.contoso.com. Click Next.
9. In Domain Controller Options, in Select functional level of the new forest and root
domain, select the forest functional level and domain functional level that you want
to use. In Specify domain controller capabilities, ensure that Domain Name System
(DNS) server and Global Catalog (GC) are selected. In Password and Confirm
password, type the Directory Services Restore Mode (DSRM) password that you want
to use. Click Next.
https://docs.microsoft.com/en-us/windows-server/networking/core-network-guide/core-network-guide 28/63
9/11/22, 11:40 PM Core network components | Microsoft Docs
7 Note
To perform this procedure by using Windows PowerShell, open PowerShell and type
the following cmdlet on one line, and then press ENTER. You must also replace the
user account name in this example with the value that you want to use.
After you press ENTER, type the password for the user account. The account is created
and, by default, is granted membership to the Domain Users group.
With the following cmdlet, you can assign additional group memberships for the new
user account. The example below adds User1 to the Domain Admins and Enterprise
Admins groups. Ensure before running this command that you change the user
account name, domain name, and groups to match your requirements.
https://docs.microsoft.com/en-us/windows-server/networking/core-network-guide/core-network-guide 29/63
9/11/22, 11:40 PM Core network components | Microsoft Docs
Add-ADPrincipalGroupMembership -Identity
Admins,CN=Users,DC=corp,DC=contoso,DC=com"
Where?
Active Directory Users and Computers/domain node/folder
3. Point to New, and then click User. The New Object - User dialog box opens.
8. In User logon name, type the user logon name. Click Next.
9. In New Object - User, in Password and Confirm password, type the user's password,
and then select the appropriate password options.
10. Click Next, review the new user account settings, and then click Finish.
https://docs.microsoft.com/en-us/windows-server/networking/core-network-guide/core-network-guide 30/63
9/11/22, 11:40 PM Core network components | Microsoft Docs
2. In the details pane, double-click the folder that contains the group to which you want
to add a member.
Where?
3. In the details pane, right-click the object that you want to add to a group, such as a
user or computer, and then click Properties. The object's Properties dialog box
opens. Click the Member of tab.
6. To assign group membership to other users, groups or computers, repeat steps 4 and
5 of this procedure.
7 Note
For medium and large organizations, it's recommended that you configure and
use the DNSAdmins group in Active Directory Users and Computers. For more
https://docs.microsoft.com/en-us/windows-server/networking/core-network-guide/core-network-guide 31/63
9/11/22, 11:40 PM Core network components | Microsoft Docs
2. In DNS, if it is not already expanded, double-click the server name to expand the tree.
For example, if the DNS server name is DC1, double-click DC1.
3. Select Reverse Lookup Zones, right-click Reverse Lookup Zones, and then click New
Zone. The New Zone Wizard opens.
4. In Welcome to the New Zone Wizard, click Next.
7. In Active Directory Zone Replication Scope, select To all DNS servers running on
domain controllers in this domain, unless you have a specific reason to choose a
different option. Click Next.
8. In the first Reverse Lookup Zone Name page, select IPv4 Reverse Lookup Zone. Click
Next.
9. In the second Reverse Lookup Zone Name page, do one of the following:
In Network ID, type the network ID of your IP address range. For example, if
your IP address range is 10.0.0.1 through 10.0.0.254, type 10.0.0.
https://docs.microsoft.com/en-us/windows-server/networking/core-network-guide/core-network-guide 32/63
9/11/22, 11:40 PM Core network components | Microsoft Docs
In Reverse lookup zone name, your IPv4 reverse lookup zone name is
automatically added. Click Next.
10. In Dynamic Update, select the type of dynamic updates that you want to allow. Click
Next.
11. In Completing the New Zone Wizard, review your choices, and then click Finish.
On all servers that you are deploying, except for the server running AD DS, do the
following:
1. Complete the procedures provided in Configuring All Servers.
2. Use the instructions in the following two procedures to join your servers to the
domain and to log on to the servers to perform additional deployment tasks:
7 Note
To perform this procedure by using Windows PowerShell, open PowerShell and type
the following cmdlet, and then press ENTER. You must also replace the domain name
with the name that you want to use.
Add-Computer -DomainName corp.contoso.com
When you are prompted to do so, type the user name and password for an account
that has permission to join a computer to the domain. To restart the computer, type
the following command and press ENTER.
Restart-Computer
https://docs.microsoft.com/en-us/windows-server/networking/core-network-guide/core-network-guide 33/63
9/11/22, 11:40 PM Core network components | Microsoft Docs
1. In Server Manager, click Local Server. In the details pane, click WORKGROUP. The
System Properties dialog box opens.
2. In the System Properties dialog box, click Change. The Computer Name/Domain
Changes dialog box opens.
3. In Computer Name, in Member of, click Domain, and then type the name of the
domain that you want to join. For example, if the domain name is corp.contoso.com,
type corp.contoso.com.
4. Click OK. The Windows Security dialog box opens.
5. In Computer Name/Domain Changes, in User name, type the user name, and in
Password, type the password, and then click OK. The Computer Name/Domain
Changes dialog box opens, welcoming you to the domain. Click OK.
6. The Computer Name/Domain Changes dialog box displays a message indicating that
you must restart the computer to apply the changes. Click OK.
7. On the System Properties dialog box, on the Computer Name tab, click Close. The
Microsoft Windows dialog box opens, and displays a message, again indicating that
you must restart the computer to apply the changes. Click Restart Now.
7 Note
For information on how to join computers that are running other Microsoft operating
systems to the domain, see Appendix C - Joining computers to the domain.
7 Note
https://docs.microsoft.com/en-us/windows-server/networking/core-network-guide/core-network-guide 34/63
9/11/22, 11:40 PM Core network components | Microsoft Docs
For information on how to log on to the domain using computers that are running
other Microsoft operating systems, see Appendix D - Log on to the domain.
Deploying DHCP1
Before deploying this component of the core network, you must do the following:
7 Note
EndRange 10.0.0.15
https://docs.microsoft.com/en-us/windows-server/networking/core-network-guide/core-network-guide 35/63
9/11/22, 11:40 PM Core network components | Microsoft Docs
EndRange 10.0.1.15
ComputerName DHCP1.corp.contoso.com
To install DHCP
1. On DHCP1, in Server Manager, click Manage, and then click Add Roles and Features.
The Add Roles and Features Wizard opens.
7 Note
The Before You Begin page of the Add Roles and Features Wizard is not
displayed if you have previously selected Skip this page by default when the
Add Roles and Features Wizard was run.
4. In Select destination server, ensure that Select a server from the server pool is
selected. In Server Pool, ensure that the local computer is selected. Click Next.
5. In Select Server Roles, in Roles, select DHCP Server. In Add features that are
required for DHCP Server, click Add Features. Click Next.
https://docs.microsoft.com/en-us/windows-server/networking/core-network-guide/core-network-guide 36/63
9/11/22, 11:40 PM Core network components | Microsoft Docs
6. In Select features, click Next, and in DHCP Server, review the information that is
provided, and then click Next.
7. In Confirm installation selections, click Restart the destination server automatically
if required. When you are prompted to confirm this selection, click Yes, and then click
Install. The Installation progress page displays status during the installation process.
When the process completes, the message "Configuration required. Installation
succeeded on ComputerName" is displayed, where ComputerName is the name of the
computer upon which you installed DHCP Server. In the message window, click
Complete DHCP configuration. The DHCP Post-Install configuration wizard opens.
Click Next.
8. In Authorization, specify the credentials that you want to use to authorize the DHCP
server in Active Directory Domain Services, and then click Commit. After authorization
is complete, click Close.
2. In DHCP, expand the server name. For example, if the DHCP server name is
DHCP1.corp.contoso.com, click the down arrow next to DHCP1.corp.contoso.com.
3. Beneath the server name, right-click IPv4, and then click New Scope. The New Scope
Wizard opens.
4. In Welcome to the New Scope Wizard, click Next.
5. In Scope Name, in Name, type a name for the scope. For example, type Subnet 1.
https://docs.microsoft.com/en-us/windows-server/networking/core-network-guide/core-network-guide 37/63
9/11/22, 11:40 PM Core network components | Microsoft Docs
6. In Description, type a description for the new scope, and then click Next.
a. In Start IP address, type the IP address that is the first IP address in the exclusion
range. For example, type 10.0.0.1.
b. In End IP address, type the IP address that is the last IP address in the exclusion
range, For example, type 10.0.0.15.
10. In Lease Duration, modify the default values for Days, Hours, and Minutes, as
appropriate for your network, and then click Next.
11. In Configure DHCP Options, select Yes, I want to configure these options now, and
then click Next.
a. In Parent domain, type the name of the DNS domain that clients use for name
resolution. For example, type corp.contoso.com.
https://docs.microsoft.com/en-us/windows-server/networking/core-network-guide/core-network-guide 38/63
9/11/22, 11:40 PM Core network components | Microsoft Docs
b. In Server name, type the name of the DNS computer that clients use for name
resolution. For example, type DC1.
c. Click Resolve. The IP address of the DNS server is added in IP address. Click Add,
wait for DNS server IP address validation to complete, and then click Next.
14. In WINS Servers, because you do not have WINS servers on your network, click Next.
15. In Activate Scope, select Yes, I want to activate this scope now.
) Important
To create new scopes for additional subnets, repeat this procedure. Use a different IP
address range for each subnet that you plan to deploy, and ensure that DHCP
message forwarding is enabled on all routers that lead to other subnets.
To perform this procedure by using Windows PowerShell, open PowerShell and type
the following cmdlet, and then press ENTER. You must also replace the domain name
with the name that you want to use.
When you are prompted to do so, type the user name and password for an account
that has permission to join a computer to the domain. To restart the computer, type
the following command and press ENTER.
Restart-Computer
https://docs.microsoft.com/en-us/windows-server/networking/core-network-guide/core-network-guide 39/63
9/11/22, 11:40 PM Core network components | Microsoft Docs
2. In Search the web and Windows, type System. In search results, click System (Control
panel). The System dialog box opens.
3. In System, click Advanced system settings. The System Properties dialog box opens.
Click the Computer Name tab.
4. In Computer Name, click Change. The Computer Name/Domain Changes dialog box
opens.
5. In Computer Name/Domain Changes , In Member of, click Domain, and then type
the name of the domain you want to join. For example, if the domain name is
corp.contoso.com, type corp.contoso.com.
6. Click OK. The Windows Security dialog box opens.
7. In Computer Name/Domain Changes, in User name, type the user name, and in
Password, type the password, and then click OK. The Computer Name/Domain
Changes dialog box opens, welcoming you to the domain. Click OK.
8. The Computer Name/Domain Changes dialog box displays a message indicating that
you must restart the computer to apply the changes. Click OK.
9. On the System Properties dialog box, on the Computer Name tab, click Close. The
Microsoft Windows dialog box opens, and displays a message, again indicating that
you must restart the computer to apply the changes. Click Restart Now.
3. In System, click Advanced system settings. The System Properties dialog box opens.
Click the Computer Name tab.
4. In Computer Name, click Change. The Computer Name/Domain Changes dialog box
opens.
5. In Computer Name/Domain Changes , In Member of, click Domain, and then type
the name of the domain you want to join. For example, if the domain name is
corp.contoso.com, type corp.contoso.com.
https://docs.microsoft.com/en-us/windows-server/networking/core-network-guide/core-network-guide 40/63
9/11/22, 11:40 PM Core network components | Microsoft Docs
7. In Computer Name/Domain Changes, in User name, type the user name, and in
Password, type the password, and then click OK. The Computer Name/Domain
Changes dialog box opens, welcoming you to the domain. Click OK.
8. The Computer Name/Domain Changes dialog box displays a message indicating that
you must restart the computer to apply the changes. Click OK.
9. On the System Properties dialog box, on the Computer Name tab, click Close. The
Microsoft Windows dialog box opens, and displays a message, again indicating that
you must restart the computer to apply the changes. Click Restart Now.
7 Note
https://docs.microsoft.com/en-us/windows-server/networking/core-network-guide/core-network-guide 41/63
9/11/22, 11:40 PM Core network components | Microsoft Docs
You can deploy server certificates and other additional features by using Core Network
Companion Guides. For more information, see Additional Technical Resources.
The following illustration shows the Windows Server Core Network topology with added
NPS and Web servers.
The following sections provide information on adding NPS and Web servers to your
network.
Deploying NPS1
Deploying WEB1
Deploying NPS1
The Network Policy Server (NPS) server is installed as a preparatory step for deploying
other network access technologies, such as virtual private network (VPN) servers, wireless
access points, and 802.1X authenticating switches.
https://docs.microsoft.com/en-us/windows-server/networking/core-network-guide/core-network-guide 42/63
9/11/22, 11:40 PM Core network components | Microsoft Docs
Network Policy Server (NPS) allows you to centrally configure and manage network policies
with the following features: Remote Authentication Dial-In User Service (RADIUS) server
and RADIUS proxy.
NPS is an optional component of a core network, but you should install NPS if any of the
following are true:
You are planning to expand your network to include remote access servers that are
compatible with the RADIUS protocol, such as a computer running Windows Server
2016, Windows Server 2012 R2, Windows Server 2012, Windows Server 2008 R2 or
Windows Server 2008 and Routing and Remote Access service, Terminal Services
Gateway, or Remote Desktop Gateway.
Before deploying this role service, you must perform the following steps on the computer
you are configuring as an NPS.
To deploy NPS1, which is the computer running the Network Policy Server (NPS) role
service of the Network Policy and Access Services server role, you must complete this step:
7 Note
https://docs.microsoft.com/en-us/windows-server/networking/core-network-guide/core-network-guide 43/63
9/11/22, 11:40 PM Core network components | Microsoft Docs
If you intend to deploy network access servers, such as wireless access points or VPN
servers, after deploying your core network, it is recommended that you deploy NPS.
When you use NPS as a Remote Authentication Dial-In User Service (RADIUS) server, NPS
performs authentication and authorization for connection requests through your network
access servers. NPS also allows you to centrally configure and manage network policies
that determine who can access the network, how they can access the network, and when
they can access the network.
Following are key planning steps before installing NPS.
Plan the user accounts database. By default, if you join the server running NPS to an
Active Directory domain, NPS performs authentication and authorization using the
AD DS user accounts database. In some cases, such as with large networks that use
NPS as a RADIUS proxy to forward connection requests to other RADIUS servers, you
might want to install NPS on a non-domain member computer.
Plan RADIUS accounting. NPS allows you to log accounting data to a SQL Server
database or to a text file on the local computer. If you want to use SQL Server
logging, plan the installation and configuration of your server running SQL Server.
7 Note
By default, NPS listens for RADIUS traffic on ports 1812, 1813, 1645, and 1646 on all
installed network adapters. If Windows Firewall with Advanced Security is enabled
when you install NPS, firewall exceptions for these ports are automatically created
during the installation process for both Internet Protocol version 6 (IPv6) and IPv4
traffic. If your network access servers are configured to send RADIUS traffic over ports
other than these defaults, remove the exceptions created in Windows Firewall with
Advanced Security during NPS installation, and create exceptions for the ports that
you do use for RADIUS traffic.
Administrative Credentials
https://docs.microsoft.com/en-us/windows-server/networking/core-network-guide/core-network-guide 44/63
9/11/22, 11:40 PM Core network components | Microsoft Docs
To complete this procedure, you must be a member of the Domain Admins group.
7 Note
To perform this procedure by using Windows PowerShell, open PowerShell and type
the following, and then press ENTER.
Install-WindowsFeature NPAS -IncludeManagementTools
To install NPS
1. On NPS1, in Server Manager, click Manage, and then click Add Roles and Features.
The Add Roles and Features Wizard opens.
7 Note
The Before You Begin page of the Add Roles and Features Wizard is not
displayed if you have previously selected Skip this page by default when the
Add Roles and Features Wizard was run.
4. In Select destination server, ensure that Select a server from the server pool is
selected. In Server Pool, ensure that the local computer is selected. Click Next.
5. In Select Server Roles, in Roles, select Network Policy and Access Services. A dialog
box opens asking if it should add features that are required for Network Policy and
Access Services. Click Add Features, and then click Next.
6. In Select features, click Next, and in Network Policy and Access Services, review the
information that is provided, and then click Next.
7. In Select role services, click Network Policy Server. In Add features that are required
for Network Policy Server, click Add Features. Click Next.
8. In Confirm installation selections, click Restart the destination server automatically
if required. When you are prompted to confirm this selection, click Yes, and then click
https://docs.microsoft.com/en-us/windows-server/networking/core-network-guide/core-network-guide 45/63
9/11/22, 11:40 PM Core network components | Microsoft Docs
Install. The Installation progress page displays status during the installation process.
When the process completes, the message "Installation succeeded on
ComputerName" is displayed, where ComputerName is the name of the computer
upon which you installed Network Policy Server. Click Close.
NPSs must be registered in Active Directory so that they have permission to read the dial-
in properties of user accounts during the authorization process. Registering an NPS adds
the server to the RAS and IAS Servers group in Active Directory.
Administrative credentials
To complete this procedure, you must be a member of the Domain Admins group.
7 Note
To perform this procedure by using network shell (Netsh) commands within Windows
PowerShell, open PowerShell and type the following, and then press ENTER.
Deploying WEB1
https://docs.microsoft.com/en-us/windows-server/networking/core-network-guide/core-network-guide 46/63
9/11/22, 11:40 PM Core network components | Microsoft Docs
The Web Server (IIS) role in Windows Server 2016 provides a secure, easy-to-manage,
modular and extensible platform for reliably hosting web sites, services, and applications.
With Internet Information Services (IIS), you can share information with users on the
Internet, an intranet, or an extranet. IIS is a unified web platform that integrates IIS,
ASP.NET, FTP services, PHP, and Windows Communication Foundation (WCF).
In addition to allowing you to publish a CRL for access by domain member computers, the
Web Server (IIS) server role allows you to set up and manage multiple web sites, web
applications, and FTP sites. IIS also provides the following benefits:
Maximize web security through a reduced server foot print and automatic application
isolation.
Easily deploy and run ASP.NET, classic ASP, and PHP web applications on the same
server.
Achieve application isolation by giving worker processes a unique identity and
sandboxed configuration by default, further reducing security risks.
Easily add, remove, and even replace built-in IIS components with custom modules,
suited for customer needs.
Speed up your website through built-in dynamic caching and enhanced compression.
To deploy WEB1, which is the computer that is running the Web Server (IIS) server role, you
must do the following:
Perform the steps in the section Configuring All Servers.
Perform the steps in the section Joining Server Computers to the Domain and
Logging On
7 Note
To perform this procedure by using Windows PowerShell, open PowerShell and type
the following, and then press ENTER.
https://docs.microsoft.com/en-us/windows-server/networking/core-network-guide/core-network-guide 47/63
9/11/22, 11:40 PM Core network components | Microsoft Docs
1. In Server Manager, click Manage, and then click Add Roles and Features. The Add
Roles and Features Wizard opens.
7 Note
The Before You Begin page of the Add Roles and Features Wizard is not
displayed if you have previously selected Skip this page by default when the
Add Roles and Features Wizard was run.
5. On the Select server roles page, scroll to and select Web Server (IIS). The Add
features that are required for Web Server (IIS) dialog box opens. Click Add Features,
and then click Next.
6. Click Next until you have accepted all of the default web server settings, and then
click Install.
7. Verify that all installations were successful, and then click Close.
Windows Server 2016, Windows Server 2012 R2 , and Windows Server 2012 Technical
Library Resources
What's new in Active Directory Domain Services (AD DS) in Windows Server 2016
Active Directory Domain Services overview at
https://technet.microsoft.com/library/hh831484.aspx .
https://docs.microsoft.com/en-us/windows-server/networking/core-network-guide/core-network-guide 48/63
9/11/22, 11:40 PM Core network components | Microsoft Docs
Appendices A through E
The following sections contain additional configuration information for computers that are
running operating systems other than Windows Server 2016, Windows 10, Windows Server
2012 , and Windows 8. In addition, a network preparation worksheet is provided to assist
you with your deployment.
2. In Computer name, domain, and workgroup settings, click Change settings. The
System Properties dialog box opens.
7 Note
4. In Computer Name, type the name for your computer. For example, if you want to
name the computer DC1, type DC1.
5. Click OK twice, click Close, and then click Restart Now to restart the computer.
2. In Computer name, domain, and workgroup settings, click Change settings. The
System Properties dialog box opens.
https://docs.microsoft.com/en-us/windows-server/networking/core-network-guide/core-network-guide 50/63
9/11/22, 11:40 PM Core network components | Microsoft Docs
7 Note
On computers running Windows Vista, before the System Properties dialog box
opens, the User Account Control dialog box opens, requesting permission to
continue. Click Continue to proceed.
4. In Computer Name, type the name for your computer. For example, if you want to
name the computer DC1, type DC1.
5. Click OK twice, click Close, and then click Restart Now to restart the computer.
In Network and Internet, click Network and Sharing Center. Network and Sharing
Center opens.
3. In Network and Sharing Center, click Change adapter settings. Network
Connections opens.
https://docs.microsoft.com/en-us/windows-server/networking/core-network-guide/core-network-guide 51/63
9/11/22, 11:40 PM Core network components | Microsoft Docs
6. In Internet Protocol Version 4 (TCP/IPv4) Properties, on the General tab, click Use
the following IP address. In IP address, type the IP address that you want to use.
7. Press tab to place the cursor in Subnet mask. A default value for subnet mask is
entered automatically. Either accept the default subnet mask, or type the subnet mask
that you want to use.
9. In Preferred DNS server, type the IP address of your DNS server. If you plan to use
the local computer as the preferred DNS server, type the IP address of the local
computer.
10. In Alternate DNS Server, type the IP address of your alternate DNS server, if any. If
you plan to use the local computer as an alternate DNS server, type the IP address of
the local computer.
11. Click OK, and then click Close.
2. In Control Panel, verify that Classic View is selected, and then double-click Network
and Sharing Center.
3. In Network and Sharing Center, in Tasks, click Manage Network Connections.
https://docs.microsoft.com/en-us/windows-server/networking/core-network-guide/core-network-guide 52/63
9/11/22, 11:40 PM Core network components | Microsoft Docs
6. In Internet Protocol Version 4 (TCP/IPv4) Properties, on the General tab, click Use
the following IP address. In IP address, type the IP address that you want to use.
7. Press tab to place the cursor in Subnet mask. A default value for subnet mask is
entered automatically. Either accept the default subnet mask, or type the subnet mask
that you want to use.
9. In Preferred DNS server, type the IP address of your DNS server. If you plan to use
the local computer as the preferred DNS server, type the IP address of the local
computer.
10. In Alternate DNS Server, type the IP address of your alternate DNS server, if any. If
you plan to use the local computer as an alternate DNS server, type the IP address of
the local computer.
11. Click OK, and then click Close.
) Important
To join a computer to a domain, you must be logged on to the computer with the
local Administrator account or, if you are logged on to the computer with a user
account that does not have local computer administrative credentials, you must
provide the credentials for the local Administrator account during the process of
https://docs.microsoft.com/en-us/windows-server/networking/core-network-guide/core-network-guide 53/63
9/11/22, 11:40 PM Core network components | Microsoft Docs
joining the computer to the domain. In addition, you must have a user account in the
domain to which you want to join the computer. During the process of joining the
computer to the domain, you will be prompted for your domain account credentials
(user name and password).
2. Click Start, right-click Computer, and then click Properties. The System dialog box
opens.
3. In Computer name, domain, and workgroup settings, click Change settings. The
System Properties dialog box opens.
7 Note
5. In Computer Name, in Member of, select Domain, and then type the name of the
domain you want to join. For example, if the domain name is corp.contoso.com, type
corp.contoso.com.
https://docs.microsoft.com/en-us/windows-server/networking/core-network-guide/core-network-guide 54/63
9/11/22, 11:40 PM Core network components | Microsoft Docs
8. The Computer Name/Domain Changes dialog box displays a message indicating that
you must restart the computer to apply the changes. Click OK.
9. On the System Properties dialog box, on the Computer Name tab, click Close. The
Microsoft Windows dialog box opens, and displays a message, again indicating that
you must restart the computer to apply the changes. Click Restart Now.
3. In Computer name, domain, and workgroup settings, click Change settings. The
System Properties dialog box opens.
7. In Computer Name/Domain Changes, in User name, type the user name, and in
Password, type the password, and then click OK. The Computer Name/Domain
Changes dialog box opens, welcoming you to the domain. Click OK.
8. The Computer Name/Domain Changes dialog box displays a message indicating that
you must restart the computer to apply the changes. Click OK.
9. On the System Properties dialog box, on the Computer Name tab, click Close. The
Microsoft Windows dialog box opens, and displays a message, again indicating that
you must restart the computer to apply the changes. Click Restart Now.
https://docs.microsoft.com/en-us/windows-server/networking/core-network-guide/core-network-guide 55/63
9/11/22, 11:40 PM Core network components | Microsoft Docs
4. In User name, type your domain and user name in the format domain\user. For
example, to log on to the domain corp.contoso.com with an account named User-01,
type CORP\User-01.
5. In Password, type your domain password, and then click the arrow, or press ENTER.
4. In User name, type your domain and user name in the format domain\user. For
example, to log on to the domain corp.contoso.com with an account named User-01,
type CORP\User-01.
5. In Password, type your domain password, and then click the arrow, or press ENTER.
For planning and tracking purposes, spaces are provided in each table for you to enter the
values used for your deployment. If you log security-related values in these tables, you
should store the information in a secure location.
The following links lead to the sections in this topic that provide configuration items and
example values that are associated with the deployment procedures presented in this
guide.
1. Installing Active Directory Domain Services and DNS
IP address 10.0.0.2
https://docs.microsoft.com/en-us/windows-server/networking/core-network-guide/core-network-guide 58/63
9/11/22, 11:40 PM Core network components | Microsoft Docs
Installing DHCP
The tables in this section list configuration items for pre-installation and installation of
DHCP.
https://docs.microsoft.com/en-us/windows-server/networking/core-network-guide/core-network-guide 59/63
9/11/22, 11:40 PM Core network components | Microsoft Docs
IP address 10.0.0.3
https://docs.microsoft.com/en-us/windows-server/networking/core-network-guide/core-network-guide 60/63
9/11/22, 11:40 PM Core network components | Microsoft Docs
Length 8
Lease duration -8
Days -0
-0
Hours
Minutes
https://docs.microsoft.com/en-us/windows-server/networking/core-network-guide/core-network-guide 61/63
9/11/22, 11:40 PM Core network components | Microsoft Docs
IP address 10.0.0.4
https://docs.microsoft.com/en-us/windows-server/networking/core-network-guide/core-network-guide 63/63